WordPress Plugin Vulnerabilities

WP Super Cache < 1.4.5 - PHP Object Injection

Description

The WP Super Cache WordPress plugin was affected by a PHP Object Injection security vulnerability.

Affects Plugins

Plugin icon
wp-super-cache
Fixed in 1.4.5

References

URL
http://z9.io/2015/09/25/wp-super-cache-1-4-5/

Classification

Type
OBJECT INJECTION
OWASP top 10
A8: Insecure Deserialization
CWE
CWE-502
CVSS
8.0 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
e3c7dc0a-fd8b-4057-a049-ac9100f590f9

Timeline

Publicly Published
2015-09-25 (about 10 years ago)
Added
2015-09-26 (about 10 years ago)
Last Updated
2021-03-16 (about 5 years ago)

Other

Published
Title
Published
2025-12-30
Title
Tech Life CPT <= 16.4 - Authenticated (Contributor+) PHP Object Injection
Published
2025-02-21
Title
Mambo Importer <= 1.0 - Authenticated (Administrator+) PHP Object Injection
Published
2025-04-17
Title
FluentBoards < 1.48 - Unauthenticated PHP Object Injection
Published
2016-11-15
Title
Google Analytics Counter Tracker < 3.5.0 - Unauthenticated PHP Object Injection
Published
2026-01-20
Title
Nexter Extension – Site Enhancements Toolkit < 4.4.7 - Unauthenticated PHP Object Injection via 'nxt_unserialize_replace'